1 /*
2 * Copyright (c) 2000-2020 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 2000 Apple Computer, Inc. All rights reserved.
30 *
31 * HISTORY
32 *
33 * 29 June 2000 (debo)
34 * Created.
35 */
36
37 #include <mach/mach_types.h>
38 #include <mach/mach_traps.h>
39 #include <mach/mach_port_server.h>
40
41 #include <mach/mk_timer.h>
42
43 #include <ipc/port.h>
44 #include <ipc/ipc_space.h>
45 #include <ipc/ipc_policy.h>
46
47 #include <kern/lock_group.h>
48 #include <kern/thread_call.h>
49
50 struct mk_timer {
51 decl_simple_lock_data(, lock);
52 thread_call_data_t mkt_thread_call;
53 bool is_dead;
54 bool is_armed;
55 int active;
56 ipc_port_t XNU_PTRAUTH_SIGNED_PTR("mk_timer.port") port;
57 ipc_kmsg_t XNU_PTRAUTH_SIGNED_PTR("mk_timer.prealloc") prealloc;
58 };
59
60 static ZONE_DEFINE_TYPE(mk_timer_zone, "mk_timer",
61 struct mk_timer, ZC_ZFREE_CLEARMEM);
62
63 static void mk_timer_expire(void *p0, void *p1);
64
65 mach_port_name_t
mk_timer_create_trap(__unused struct mk_timer_create_trap_args * args)66 mk_timer_create_trap(
67 __unused struct mk_timer_create_trap_args *args)
68 {
69 struct mk_timer* timer;
70 ipc_space_t myspace = current_space();
71 mach_port_name_t name = MACH_PORT_NULL;
72 ipc_port_t port;
73 kern_return_t result;
74 ipc_kmsg_t kmsg;
75 ipc_object_label_t label = IPC_OBJECT_LABEL(IOT_TIMER_PORT);
76
77
78 /* Allocate and initialize local state of a timer object */
79 timer = zalloc_flags(mk_timer_zone, Z_ZERO | Z_WAITOK | Z_NOFAIL);
80 simple_lock_init(&timer->lock, 0);
81 thread_call_setup(&timer->mkt_thread_call, mk_timer_expire, timer);
82
83 /* Pre-allocate a kmsg for the timer messages */
84 kmsg = ipc_kmsg_alloc(sizeof(mk_timer_expire_msg_t), 0, 0,
85 IPC_KMSG_ALLOC_KERNEL | IPC_KMSG_ALLOC_ZERO |
86 IPC_KMSG_ALLOC_ALL_INLINE | IPC_KMSG_ALLOC_NOFAIL |
87 IPC_KMSG_ALLOC_USE_KEEP_ALIVE);
88
89 label.iol_mktimer = timer;
90
91 /* Associate the pre-allocated kmsg with the port */
92 timer->prealloc = kmsg;
93
94 result = ipc_port_alloc(myspace, label, IP_INIT_NONE, &name, &port);
95 if (result != KERN_SUCCESS) {
96 return MACH_PORT_NULL;
97 }
98
99 /* make a (naked) send right for the timer to keep */
100 timer->port = ipc_port_make_send_any_locked(port);
101
102 ip_mq_unlock(port);
103
104 return name;
105 }
106
107 static void
mk_timer_unlock_and_destroy(struct mk_timer * timer,ipc_port_t port)108 mk_timer_unlock_and_destroy(struct mk_timer *timer, ipc_port_t port)
109 {
110 ipc_kmsg_t kmsg = timer->prealloc;
111
112 simple_unlock(&timer->lock);
113
114 zfree(mk_timer_zone, timer);
115 ipc_kmsg_keep_alive_abandon(kmsg);
116 ipc_port_release_send(port);
117 }
118
119 void
mk_timer_port_label_dealloc(ipc_object_label_t label)120 mk_timer_port_label_dealloc(
121 ipc_object_label_t label)
122 {
123 struct mk_timer *timer = label.iol_mktimer;
124
125 simple_lock(&timer->lock, LCK_GRP_NULL);
126
127 if (thread_call_cancel(&timer->mkt_thread_call)) {
128 timer->active--;
129 }
130 timer->is_armed = false;
131
132 timer->is_dead = true;
133 if (timer->active == 0) {
134 mk_timer_unlock_and_destroy(timer, timer->port);
135 } else {
136 simple_unlock(&timer->lock);
137 }
138 }
139
140 static void
mk_timer_expire(void * p0,__unused void * p1)141 mk_timer_expire(
142 void *p0,
143 __unused void *p1)
144 {
145 struct mk_timer *timer = p0;
146 ipc_kmsg_t kmsg;
147 ipc_port_t port;
148
149 simple_lock(&timer->lock, LCK_GRP_NULL);
150
151 port = timer->port;
152 kmsg = timer->prealloc;
153 assert(port != IP_NULL);
154 assert(timer->active > 0);
155
156 while (timer->is_armed && timer->active == 1) {
157 timer->is_armed = false;
158 simple_unlock(&timer->lock);
159
160 if (ipc_kmsg_keep_alive_try_reusing(kmsg)) {
161 mk_timer_expire_msg_t *msg;
162
163 msg = __container_of(ikm_header(kmsg),
164 mk_timer_expire_msg_t, header);
165 bzero(msg, sizeof(mk_timer_expire_msg_t));
166 msg->header.msgh_bits =
167 MACH_MSGH_BITS_SET(MACH_MSG_TYPE_COPY_SEND, 0, 0, 0);
168 msg->header.msgh_size = sizeof(mk_timer_expire_msg_t);
169 msg->header.msgh_remote_port = port;
170
171 kernel_mach_msg_send_kmsg(kmsg);
172 }
173
174 simple_lock(&timer->lock, LCK_GRP_NULL);
175 }
176
177 timer->active -= 1;
178
179 if (timer->active == 0 && timer->is_dead) {
180 mk_timer_unlock_and_destroy(timer, port);
181 } else {
182 simple_unlock(&timer->lock);
183 }
184 }
185
186 /*
187 * mk_timer_destroy_trap: Destroy the Mach port associated with a timer
188 *
189 * Parameters: args User argument descriptor (see below)
190 *
191 * Indirect: args->name Mach port name
192 *
193 *
194 * Returns: 0 Success
195 * !0 Not success
196 *
197 */
198 kern_return_t
mk_timer_destroy_trap(struct mk_timer_destroy_trap_args * args)199 mk_timer_destroy_trap(
200 struct mk_timer_destroy_trap_args *args)
201 {
202 mach_port_name_t name = args->name;
203 ipc_space_t myspace = current_space();
204 kern_return_t kr;
205 ipc_entry_t entry;
206
207 kr = ipc_right_lookup_write(myspace, name, &entry);
208 if (kr != KERN_SUCCESS) {
209 return kr;
210 }
211
212 /* space is write-locked and active */
213
214 if ((IE_BITS_TYPE(entry->ie_bits) & MACH_PORT_TYPE_RECEIVE) == 0) {
215 is_write_unlock(myspace);
216 return KERN_INVALID_RIGHT;
217 }
218
219 if (!ip_is_timer(entry->ie_port)) {
220 is_write_unlock(myspace);
221 return KERN_INVALID_ARGUMENT;
222 }
223
224 /*
225 * This should have been a mach_mod_refs(RR, -1) but unfortunately,
226 * the fact this is a mach_port_destroy() is ABI now.
227 */
228 return ipc_right_destroy(myspace, name, entry); /* unlocks space */
229 }
230
231 /*
232 * mk_timer_arm_trap: Start (arm) a timer
233 *
234 * Parameters: args User argument descriptor (see below)
235 *
236 * Indirect: args->name Mach port name
237 * args->expire_time Time when timer expires
238 *
239 *
240 * Returns: 0 Success
241 * !0 Not success
242 *
243 */
244
245 static kern_return_t
mk_timer_arm_trap_internal(mach_port_name_t name,uint64_t expire_time,uint64_t mk_leeway,uint64_t mk_timer_flags)246 mk_timer_arm_trap_internal(mach_port_name_t name, uint64_t expire_time, uint64_t mk_leeway, uint64_t mk_timer_flags)
247 {
248 struct mk_timer* timer;
249 ipc_object_label_t label;
250 ipc_space_t myspace = current_space();
251 ipc_port_t port;
252 kern_return_t result;
253
254 result = ipc_port_translate_receive(myspace, name, &port);
255 if (result != KERN_SUCCESS) {
256 return result;
257 }
258
259 if (!ip_is_timer(port)) {
260 ip_mq_unlock(port);
261 return KERN_INVALID_ARGUMENT;
262 }
263
264 label = ip_label_get(port, IOT_TIMER_PORT);
265 timer = label.iol_mktimer;
266 ip_label_put(port, &label);
267
268 if (timer) {
269
270 simple_lock(&timer->lock, LCK_GRP_NULL);
271 assert(timer->port == port);
272 ip_mq_unlock(port);
273
274 if (!timer->is_dead) {
275 timer->is_armed = true;
276
277 uint64_t now;
278 if (mk_timer_flags & MK_TIMER_CONTINUOUS) {
279 now = mach_continuous_time();
280 } else {
281 now = mach_absolute_time();
282 }
283
284 if (expire_time > now) {
285 uint32_t tcflags = THREAD_CALL_DELAY_USER_NORMAL;
286
287 if (mk_timer_flags & MK_TIMER_CRITICAL) {
288 tcflags = THREAD_CALL_DELAY_USER_CRITICAL;
289 }
290
291 if (mk_timer_flags & MK_TIMER_CONTINUOUS) {
292 tcflags |= THREAD_CALL_CONTINUOUS;
293 }
294
295 if (mk_leeway != 0) {
296 tcflags |= THREAD_CALL_DELAY_LEEWAY;
297 }
298
299 if (!thread_call_enter_delayed_with_leeway(
300 &timer->mkt_thread_call, NULL,
301 expire_time, mk_leeway, tcflags)) {
302 timer->active++;
303 }
304 } else {
305 if (!thread_call_enter1(&timer->mkt_thread_call, NULL)) {
306 timer->active++;
307 }
308 }
309 }
310
311 simple_unlock(&timer->lock);
312 } else {
313 ip_mq_unlock(port);
314 result = KERN_INVALID_ARGUMENT;
315 }
316 return result;
317 }
318
319 kern_return_t
mk_timer_arm_trap(struct mk_timer_arm_trap_args * args)320 mk_timer_arm_trap(struct mk_timer_arm_trap_args *args)
321 {
322 return mk_timer_arm_trap_internal(args->name, args->expire_time, 0, MK_TIMER_NORMAL);
323 }
324
325 kern_return_t
mk_timer_arm_leeway_trap(struct mk_timer_arm_leeway_trap_args * args)326 mk_timer_arm_leeway_trap(struct mk_timer_arm_leeway_trap_args *args)
327 {
328 return mk_timer_arm_trap_internal(args->name, args->expire_time, args->mk_leeway, args->mk_timer_flags);
329 }
330
331 /*
332 * mk_timer_cancel_trap: Cancel a timer
333 *
334 * Parameters: args User argument descriptor (see below)
335 *
336 * Indirect: args->name Mach port name
337 * args->result_time The armed time of the cancelled timer (return value)
338 *
339 *
340 * Returns: 0 Success
341 * !0 Not success
342 *
343 */
344 kern_return_t
mk_timer_cancel_trap(struct mk_timer_cancel_trap_args * args)345 mk_timer_cancel_trap(
346 struct mk_timer_cancel_trap_args *args)
347 {
348 mach_port_name_t name = args->name;
349 mach_vm_address_t result_time_addr = args->result_time;
350 uint64_t armed_time = 0;
351 struct mk_timer* timer;
352 ipc_space_t myspace = current_space();
353 ipc_port_t port;
354 kern_return_t result;
355 ipc_object_label_t label;
356
357 result = ipc_port_translate_receive(myspace, name, &port);
358 if (result != KERN_SUCCESS) {
359 return result;
360 }
361
362 if (!ip_is_timer(port)) {
363 ip_mq_unlock(port);
364 return KERN_INVALID_ARGUMENT;
365 }
366
367 label = ip_label_get(port, IOT_TIMER_PORT);
368 timer = label.iol_mktimer;
369 ip_label_put(port, &label);
370
371 if (timer != NULL) {
372 simple_lock(&timer->lock, LCK_GRP_NULL);
373 assert(timer->port == port);
374 ip_mq_unlock(port);
375
376 if (timer->is_armed) {
377 armed_time = thread_call_get_armed_deadline(&timer->mkt_thread_call);
378 if (thread_call_cancel(&timer->mkt_thread_call)) {
379 timer->active--;
380 }
381 timer->is_armed = false;
382 }
383
384 simple_unlock(&timer->lock);
385 } else {
386 ip_mq_unlock(port);
387 result = KERN_INVALID_ARGUMENT;
388 }
389
390 if (result == KERN_SUCCESS && result_time_addr != 0) {
391 if (copyout((void *)&armed_time, result_time_addr, sizeof(armed_time)) != 0) {
392 result = KERN_FAILURE;
393 }
394 }
395
396 return result;
397 }
398